How I found an Open-Redirect Vulnerability in redacted.com (one of the top online payment processing service websites)

This is my first write-up. I hate writing blogs, which is why I haven't published any of my findings yet. But now, on somebody's request and suggestion, I have started to publish and share my findings.

So let's get started :) I'll start with a brief introduction of myself, then move on to my findings. I am an Information Security Researcher / Bug Bounty Hunter, working on HackerOne since 2014, and I'm now listed in the top 100 hackers of HackerOne. This is my HackerOne profile: https://hackerone.com/protector47. I also develop e-commerce websites and have extensive experience in the e-commerce industry.

I cannot disclose the website's name, so let's assume https://site.com.

I was integrating site.com's payment gateway into an e-commerce website when suddenly the Bug Hunter ghost woke up and I started testing site.com. Within 5 to 7 minutes of testing I found a vulnerability on site.com: an Open Redirect.

Open Redirect is generally not a high-impact vulnerability, but in my opinion, for a website like https://site.com, an Open Redirect can have a high-level impact, because https://site.com is a payment processing service. If an attacker can redirect the user to any malicious website, then the attacker can also maintain a phishing website for the victim in order to obtain the credentials of their https://site.com account or their API keys.

What is Open-Redirect Vulnerability?

Open Redirection is when a web application or server uses a user-submitted link to redirect the user to a given website or page. Even though letting a user decide which page they want to be redirected to seems like a harmless action, if exploited, such a technique can have a serious impact, especially when combined with other vulnerabilities and tricks.
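As an added example (not code from the original post or from site.com), here is how a login handler's redirect parameter can be validated in Python so that only pages on the site's own hosts are accepted; the `SITE_ORIGIN`, the host allowlist and the sample inputs are constructed for this illustration.

```python
from urllib.parse import urljoin, urlsplit

# Constructed values for the example: the trusted origin and the hosts a
# post-login redirect is allowed to land on.
SITE_ORIGIN = "https://site.com"
ALLOWED_HOSTS = {"site.com", "www.site.com"}


def is_safe_redirect(target: str, allowed_hosts=ALLOWED_HOSTS) -> bool:
    """Return True only if `target` resolves to a page on an allowed host.

    The value is resolved against SITE_ORIGIN with urljoin, so a bare path
    such as "/dashboard" is accepted, while a schemeless "//other.example"
    or an absolute "https://other.example" resolves to a foreign host and
    is rejected. Browsers treat "/\\host" like "//host", so backslashes are
    normalised first. Only http(s) schemes are allowed, which also drops
    "javascript:" and "data:" values.
    """
    if not target:
        return False
    candidate = target.replace("\\", "/")
    resolved = urlsplit(urljoin(SITE_ORIGIN, candidate))
    if resolved.scheme not in ("http", "https"):
        return False
    # .hostname strips userinfo and port, so "site.com@other.example"
    # is judged by its real host, other.example.
    return (resolved.hostname or "").lower() in allowed_hosts


def redirect_after_login(next_param: str, fallback: str = "/dashboard") -> str:
    """Location a login handler should emit for the user-supplied `next`.

    The vulnerable pattern is simply `return next_param`; the hardened
    version falls back to an internal page whenever the check fails.
    """
    return next_param if is_safe_redirect(next_param) else fallback


if __name__ == "__main__":
    for sample in ["/account", "https://site.com/settings",
                   "//other.example/login", "/\\other.example",
                   "javascript:alert(1)", "https://site.com@other.example/"]:
        print(f"{sample!r:40} -> {redirect_after_login(sample)}")
```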